Xnview
This hub aggregates every CVE we track for Xnview, a product in the consumer software space. Use it to gauge the current risk picture and drill into individual advisories.
161
CVEs tracked
13
Critical
142
High
0
In CISA KEV
Severity distribution
HIGH142CRITICAL13MEDIUM6
Monthly trend
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Xnview.
- CVE-2024-11950XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability8.8
- CVE-2023-46587Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file.7.8
- CVE-2021-28835Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file.7.8
- CVE-2021-28427Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file.7.8
- CVE-2013-3493XnView 2.03 has an integer overflow vulnerability9.8
- CVE-2013-3492XnView 2.03 has a stack-based buffer overflow vulnerability9.8
- CVE-2013-3246Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.7.8
- CVE-2013-3247Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.7.8
- CVE-2013-3937Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.7.8
- CVE-2013-3939xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a...7.8
- CVE-2013-3941Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in ...9.8
- CVE-2019-17262XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0.7.8
- CVE-2019-17261XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51.7.8
- CVE-2019-13262XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003283eb.7.8
- CVE-2019-13261XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328384.7.8
Product normalization is registry-driven with AI assist and human review. How it works